From an historical perspective, a better antenna, low power circuitry, and new material together made possible a miniature counter-measure against radar, namely, a fake target return with Digital Reflection Frequency Modulation (DRFM). Such a military counter-measure has found its way into commerce as a near-field communication called Radio Frequency Identification (RFID), a passive tag attached to every read-writable Smart Hybrid Card (SHC), such as those used in passports, medical or biometric IDs, driver's licenses, and library IDs, manufactured at a fraction of the cost of and more versatile than a line-of-sight restricted bar-code optical scan system. Despite the popularity of RFID, the lack of Authenticity, Privacy and Security (APS) protection provided by such systems somewhat restricts its widespread use in commercial, financial, medical, legal, and military applications. This is mainly due to a limited phase space of about 2^32 to securely encrypt such light-weight devices without the code being easily broken using the sheer computing power of a modern PC, according to the NSA classification. The practical phase space is made small in part by restriction to use of the modern Latin/Roman alphabet. Further, such systems are more susceptible to successful attack due to the use of common coding terms for identification, for example, by means of statistical correlation of a category index when examining a group of RFIDs taken from an installation.
RFID tags have proven to be more versatile than traditional and/or microdot versions of barcode catalog readers using optical scan means, and thus recently have become popular because they provide inexpensive and convenient real-time read-write capabilities that are not limited to near-field, passive or active capacitive or inductive coupling, and line-of-sight operation. Integrating commercial-off-the-shelf (COTS) components, extending their use over the horizon (OTH), and APS are all enhancements that will be needed to proliferate the use of such systems into a broadened range of applications. A standard interface would also be advantageous, as confirmed by the ad-hoc grand unification Near-Field Communication (NFC) consortium (similar to the Bluetooth consortium, but larger and more aggressive). The following is a review of RFID basics and security measures, as well as a discussion of specific medical and financial applications of smart cards.
The issue of Authentication and Privacy (AP) is related to security, sitting at a somewhat lower degree on the APS continuum. While AP is spoken of when one wishes to ward off casual skimmers, stronger security is needed to prevent deliberate hacking. However, in general AP is taken seriously, for example, regarding issues of authentication for lawyer-client privilege and privacy for doctor-patient communications. Thus, we need precise ownership protection for authentication checks and no third-party involvement for privacy protection. The index and content of protected data need not be located on the same RFID tags or reader devices. Separation of such data allowed, for example, Sony to develop the Octopus Card (O-Card) in Hong Kong, circumventing the difficulty of sharing private financial databases for the approval of charge card transactions at all metro and shop vendors. Invariant and updatable data should be treated differently.
Now that 6 million livestock, cats, and dogs have been successfully tracked using RFID, the US FDA recently approved a passive RFID using a 16-digit number and including a microchip and a copper antenna that are encased in a glass capsule about the size of a grain of rice and implantable in the arm of patients at a cost of about $200 per implant, including the secured Web database for detailed information about the subscribed patients. The principle of the present invention is similar to the human structure of two passive ears with active pre-processing: only binaural agreement defines the systematic signal; otherwise, in the case of disagreements, our ears consider them to be merely noise. This power of pairs input sensor system is biologically constrained by the isothermal equilibrium of brains characterized by the minimum of Helmholtz free energy, min. H = E − T_o S. Shown to be a ubiquitous unsupervised learning algorithm basis of power of pairs, blind source separation for a single-pixel space-variant remote sensing for hearing aids, or single-pixel cancer diagnosis were solved by means of the angiogenesis-self-irradiant in terms of infrared dual color (~3-5 μm & ~8-12 μm).
What is needed is a new approach to encryption in RFID systems. For example, an affordable traditional practice used in connection with erasable tags is to obfuscate a passkey, say a private number K, by another randomized tag number T, and a reader number R; that is, T*K and R*K are stored on the tag, where * denotes an invertible operation such as EXOR. Then, only an authentic owner who knows all the elements can interrogate using an inverse operation, for example, EXOR*EXOR=I. However, such a pseudo-asymmetric RSA codec can be easily compromised by a hacker using an exhaustive frequently-used word interpretation.
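The T*K / R*K masking described above, written out as an added example (not code from the original document) so the inverse operation and the scheme's limits can be checked. The 32-bit field width, all function names and the sample word list are assumptions made for this illustration.

```python
import hmac
import secrets

WIDTH = 4  # assumed field width in bytes (32 bits), chosen for this example


def xor(a: bytes, b: bytes) -> bytes:
    """EXOR of two equal-length fields; applying it twice is the identity."""
    if len(a) != len(b):
        raise ValueError("EXOR operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def provision(k: bytes, t: bytes, r: bytes) -> tuple:
    """Fields written to the tag: (T*K, R*K) with * = EXOR."""
    return xor(t, k), xor(r, k)


def interrogate(stored: tuple, t: bytes, r: bytes):
    """Owner side: invert both fields and accept K only if they agree."""
    k_from_t = xor(stored[0], t)
    k_from_r = xor(stored[1], r)
    return k_from_t if hmac.compare_digest(k_from_t, k_from_r) else None


def key_independent_relation(stored: tuple) -> bytes:
    """(T*K)*(R*K) = T*R: K cancels, so the passkey does not hide how the
    tag number and reader number relate to each other."""
    return xor(stored[0], stored[1])


# Constructed sample list standing in for "frequently used words".
COMMON_WORDS = (b"pass", b"card", b"user", b"bank")


def passkey_is_weak(k: bytes) -> bool:
    """Provisioning check: refuse passkeys taken from common words."""
    return k.lower() in COMMON_WORDS


def new_passkey() -> bytes:
    """Draw K uniformly from the full field instead of from an alphabet."""
    return secrets.token_bytes(WIDTH)
```

Even with a uniformly random K, the scheme is bounded by the field width, so the provisioning check only removes the weakest choices.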